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o\ 

T-H Abstract 

^ Dickson's Lemma is a simple yet powerful tool widely used in decidabil- 
^^ ity proofs, especially when dealing with counters or related data structures 



in algorithmics, verification and model-checking, constraint solving, logic, 

etc. While Dickson's Lemma is well-known, most computer scientists are 
^ not aware of the complexity upper bounds that are entailed by its use. 

This is mainly because, on this issue, the existing literature is not very 

accessible. 
C^ We propose a new analysis of the length of bad sequences over (N*', <), 

^ improving on earlier results and providing upper bounds that are essen- 

CTN tially tight. This analysis is complemented by a "user guide" explaining 

through practical examples how to easily derive complexity upper bounds 

from Dickson's Lemma. 



O 1 Introduction 

O 



For some dimension k, let {N'', <) be the set of fc-tuples of natural numbers 
ordered with the natural product ordering 



;:; x = {x[l],...,x[k]) < y^{y[ll...,y[k])4>x[l]<y[l]A---Ax[k]<y[k]. 

Dickson's Lemma is the statement that (N'^ , <) is a well-quasi-ordering (a "wqo" ) . 
This means that there exist no infinite strictly decreasing sequences xq > xi > 
X2 > ■ ■ ■ of /c-tuples, and that there are no infinite antichains, i.e., sequences 



of pairwise incomparable fc-tuples ( Kruskal 1972 Milner 19851. Equivalently, 



every infinite sequence x = xo,xi,X2, ■ ■ ■ over N contains an increasing pair 
Xi^ < Xi^ for some ii < 12- We say that sequences with an increasing pair 
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Xii < Xi2 are good sequences. We say that a sequence that is not good is bad. 
Dickson's Lemma states that every infinite sequence over N*^ is good, i.e., that 
bad sequences are finite. 

Using Dickson's Lemma "The most frequently rediscovered mathemati- 



cal theorem" according to (Becker and Weispfenning 1993 p. 184), Dickson's 



Lemma plays a fundamental role in several areas of computer science, where 
it is used to prove that some algorithmic constructions terminate, that some 
sets are finite, or semilinear, etc. In Section T} we give examples dealing with 



counter machines and Petri nets because we are more familiar with this area, 
but many others exist. 



Example 1.1. The following simple program is shown in ( Podelski and Ry 



balchenko 2004) to terminate for every input (a, 6) € N^: 



CHOICE (a,b) 
while a > A 6 > 1 

(a, b) i — (a — 1, a) 
or 

(a, 6) ^ (6-2,a + l) 
end 

We leave it to the reader to check that, in fact, any sequence of successive con- 
figurations xq — {a,b),xi,X2, ■ . ■ of this program is a bad sequence over N^, and 
is thus finite by Dickson's Lemma. Let TiME(a, b) be the maximal number of 
times the while loop of CHOICE can be executed — a natural complexity mea- 
sure. If we could bound the length of bad sequences over N^ that start with 
(a, b), then we would have an upper-bound on TiME(a, b). D 

In order to bound the running time of algorithms that rely on Dickson's 
Lemma, it is usually necessary to know (or to bound) the value of the index i2 
in the first increasing pair Xi-^ < Xi^. It is widely felt, at least in the field of 
verification and model-checking, that relying on Dickson's Lemma when proving 
decidability or finiteness does not give any useful information regarding complex- 
ity, or that it gives upper bounds that are not explicit and/or not meaningful. 
Indeed, bad sequences can be arbitrarily long. 

The Length of Bad Sequences It is easy to construct arbitrarily long bad 
sequences, even when starting from a fixed first element. Consider N'^ and fix 
Xq = (0, 1). Then the following 

(0,l),(i,0),(L-l,0), (L-2,0),--- (2,0), (1,0) 

is a bad sequence of length L + 1. What makes such examples possible is the 
"uncontrolled" jump from an element like Xq to an arbitrarily large next element 
like here xi — {L,0). Indeed, when one only considers bad sequences displaying 
some controlled behaviour (in essence, bad sequences of bounded complexity) , 
upper bounds on their lengths certainly exist. 

Let us fix a control function / : N — > N. We say that a sequence x = 
Xq, Xi, . . . over N*^ is t-controlled for some t in N if the infinity norm of the Xi 
verifies \xi\oo < f(i + t) for all indexes i = 0, 1, . . . Then, for fixed k, t, and /, 
there are only finitely many i-controlled bad sequences (by Dickson's Lemma 



cum Konig's Lemma) and a m.aximum length exists. This maximum length can 
even be computed if / is recursive. 

In this paper, we write Lkj{t) for the maximal length of a i-controlled bad 
sequence (given /, and a dimension k) and bound it from above via a new 
decomposition approach. These results are especially useful when we study 
Lk.f{t) as a function of t, i.e. when we prove that the function Lkj is majorized 
by a function in a given complexity class. The literature already contains upper 
bounds on Lkj (see Section 8) but these results are not widely known. Most 



prominently, McAloon (1984) shows that for linear /, L^j is primitive-recursive 
for each fixed k, but is not primitive-recursive when k is not fixed. More pre- 
cisely, for every k, L^j is at level ^k+i of the Fast Growing HierarchyFTTo quote 
Clote (1986), "This suggests the question whether 5/c+i is the best possible." 



Our Contribution We present a self-contained and elementary proof, markedly 
simpler and more general than McAloon 's, but yielding an improved upper 
bound: for linear control functions, Lkj is at level 5'fc, and more generally, for 
a control function / in 5^7, -^fc,/ is at level 3^.^+fc_i. 



Example 1.1 (continuing from p. [2]). Setting f{x) = x+1 makes every sequence 
of configurations of CHOICE (a, 6) a (max(a, 5))-controlled bad sequence, for 
which our results incur an elementary length in ^2 as a function of max(a, 6). D 

That "TiME(a, b) is in 3^2" is a very coarse bound, but as we will see in 



Section 6 allowing larger dimensions or more complex operations quickly yield 
huge complexities on very simple programs similar to CHOICE. In fact, we also 
answer |Clote[ s question, and show that our upper bounds are optimal. 
More precisely, our main technical contributions are 

• We substantially simplify the problem by considering a richer setting for 
our analysis: all disjoint unions of powers of N. This lets us provide finer 



and simpler decompositions of bad sequences (Section 3), from which one 



extracts upper bounds on their lengths (Section 5.1) 



We completely separate the decomposition issue (from complex to sim- 
ple wqo's, where / is mostly irrelevant) from the question of locating the 
bounding function in the Fast Growing Hierarchy (where / becomes rele- 



vant); see Section 5.2 



• We obtain new bounds that are essentially tight in terms of the Fast 
Growing Hierarchy; see [Section's} Furthermore, these bounds are tight 
even when considering the coarser lexicographic ordering. 

• We describe another benefit of our setting: it accommodates in a smooth 
and easy way an extended notion of bad sequences where the length of 



the forbidden increasing subsequences is a parameter ( Section 4 ) 



In addition we provide (in Section 7 1 a few examples showing how to use bounds 
on Lj^f in practice. This section is intended as a short "user guide" showing 
via concrete examples how to apply our main result and derive upper bounds 



-"^In truth, 



McAIoon| is no t that explicit. The Sk+l upper bound is extracted from his 
construction by |Clote| ( |l986| l, who also proposed a simple derivation for an upper bound at 
level Sk+6- 



from one's use of Dickson's Lemma. We do not claim that we show new results 
for these examples, although the existence of the bounds we obtain is hardly 
known at all. The examples we picked are some of our favorites (many others 



exist, see Section 8 for a few references). In particular, they involve algorithms 
or proofs that do not directly deal with bad sequences over (N*^, <): 

• programs shown to terminate using disjunctive termination arguments 



(Section 7.1), 



emptiness for increasing counter automata with applications to questions 



for XPath fragments on data words (Section 7.2 1, and 



Karp and Miller coverability trees and their applications, (Section 7.3) 



2 WQO's Based on Natural Numbers 

The disjoint union, or "sum" for short, of two sets A and B is denoted A + B, 
the sum of an /-indexed family {Ai)i^j of sets is denoted J^iei ^i- While A + B 
and J2i ^i '^^^ be seen as, respectively, A x {1} U i? x {2} and IJ^ Ai x {«}, we 
abuse notation and write x when speaking of an element (x, i) of ^^ Ai. 

Assume (^i,<i) and (A2,<2) are ordered sets. The product Ai x A2 is 
equipped with the usual product ordering: (x, y) < (x', y') 4l> x <i x' A y <2 y' ■ 
The sum Ai + A2 is equipped with the usual sum ordering given by 

X < x' ^ (x, x' e Ai A X <i x') V (x, x' e ^2 A X <2 x') . 

It is easy to see that {Ai x A2, <) and {A1+A2, <) are wqo's when (^1, <i) and 
{A2, <2) are. This immediately extends to Yiiei ^i ^^'^ "^iei ^^ when the index 
set I is finite. Note that this allows inferring that (N'^, <) is a wqo (Dickson's 
Lemma) from the fact that (N, <) is. 

A key ingredient of this paper is that we consider finite sums of finite powers 
of N, i.e., sets like, e.g., 2 x N^ + N (or equivalently N^ + N^ + N\ and more 
generally of the form J2iei^'^')- With S = X^ie/^'^S ^^ associate its type r, 
defined as the multiset {k^ \ i e /}, and let N"^ denote S (hence N^'^^ is N*-' and 
N" is 0). 

Types such as r can be seen from different angles. The multiset point of view 
has its uses, e.g., when we observe that N'^^+N'^^ = N'^i+'^2^ g^^ types can also be 
seen as functions r : N ^ N that associate with each power fc e N its multiplicity 
T{k) in r. We define the sum Ti-|-r2 of two types with {Ti+T2){k) = Ti{k)+T2{k) 
and its multiple p x r, for p G N, by {p x T){k) = p.T{k). As expected, r — ri is 
only defined when r can be written as some T1+T2, and then one has t — ti = T2. 

There are two natural ways of comparing types: the inclusion ordering 

T1CT2U 3t' : T2 = Ti + r' (1) 

and the multiset ordering defined by transitivity and 

T <m {k} ^ k > I for aU I e t, (2) 

Tl+T <mT2+T<^Ti <mT2 . (3) 



Note how Eq. ^ entails <„ {k}. Then Eq. ^ further yields <„ r for 
any r (using transitivity). In fact, the multiset ordering is a well-founded linear 



extension of the inclusion ordering (see Dershowitz and Manna 1979 ) . This is 



the ordering we use when we reason "by induction over types" . 

3 Long Bad Sequences over N^ 

Assume a fixed, increasing, control function / : N — > N with /(O) > 0; we keep 
/ implicit to simplify notations, until [Section 5.2| where the choice of control 
function will become important. For t e N, we say that a sequence xq, xi, . . . ,xi 
over N"^ is t-controlled if \xi\oa < f{i + t) for all i = 0, 1, . . . ,^, where |xi|oo = 
niax{2:i[j] I j = 1, . . . , dim{xi)} is the usual infinity norm. Let Lr(t) be the 
length of the longest t-controlled bad sequence over N"^ . 

In simple cases, Lr{t) can be evaluated exactly. For example consider r = 
{0}. Here N'^, i.e., N°, only contains one element, the empty tuple (), whose 
norm is 0, so that every sequence over N'^ is i-controUed because /(O) > 0, and 
is good as soon as its length is greater than or equal to 2. Hence 

L{o}{t)^l, (4) 

and more generally for all r > 1 

Lrx{o}{t) = r- (5) 

Note that this entails i0(i) = iox{o}(i) = as expected: the only sequence 
over N" is the empty sequence. 

The case r = {1} is a little bit more interesting. A bad sequence xq, xi, . . . ,xi 
over N^^\ i.e., over N, is a decreasing sequence xq > xi > ■ ■ ■ > xi oi natural 
numbers. Assuming that the sequence is t-controlled means that xq < f(t). 
(It is further required that Xt < f{t + i) for every i = 1,. . . ,1 but here this 
brings no additional constraints since / is increasing and the sequence must be 
decreasing.) It is plain that L^i^{t) < f{t), and in fact 

i{i}W = /W (6) 

since the longest i-controUed bad sequence is exactly 

/(t)-l, /(f)-2, ...,1, 0. 

Decomposing Bad Sequences over N^ After these initial considerations, 
we turn to the general case. It is harder to find exact formulae for Lr(t) that 
work generally. In this section, we develop inequations providing upper bounds 
for LT{t) by induction over the structure of r. These inequations are enough to 
prove our main theorem. 

Assume r = {fc} and consider a t-controlled bad sequence x = xq, Xi, . . . , a;; 
over N*^. Since x is t-controlled, xq is bounded and xq < {f{t) — 1, ... , /(t) — 1). 
Now, since x is bad, every Xi for i > must have Xi[j] < xo[j] for at least one 
j in 1, . . . ,k. In other words, every element of the suffix sequence xi, . . . ^xi 
belongs to at least one region 

i?j,, = {xe N^- I x[j] = s} 



for some 1 < j < k and < s < /(t) — 1. The number of regions is 

7Vfc(i) = fc.(/(t)-l). 



(7) 



By putting every Xi in one of the regions, we decompose the suffix sequence into 
Nf^{t) subsequences, some of which may be empty. 

We illustrate this with an example. Let k = 2 and consider the following 
bad sequence over N^ 

x= (2,2), (1,5), (4,0), (1,1), (0,100), (0,99), (3,0). 

The relevant regions are i?i,o, Ri,i, -^2,0: a-nd i?2,i- We can put 3:3 = (1, 1) in 
either Ri^i or i?2,i, but we have no choice for the other Xj's. Let us put X3 in 
i?i^i; we obtain the following decomposition: 

. (0,100), (0,99), 



(2,2), 



(1,5), 



(4,0), 



(1,1), 



. {Ri,o 

■ {Ri,i 

(3,0)(i?2,o 

■ (^2.1 



x[l] 
x[l] 



We have 4 subsequences, one per line. Each subsequence is bad (one is even 
empty). They are not (t+l)-controlled if we see them as independent sequences. 
For instance, the first subsequence, "(0, 100), (0, 99)", is only controlled if 100 < 
f{t + 1), while in the original sequence it was only required that 100 < /(i + 4). 
But they are {t + l)-controlled if we see them as a sequence over the sum type 
4xN2. 

For the next step, we observe that every subsequence has all its elements 
sharing a same x[j] = s. By disregarding this fixed component, every subse- 
quence can be seen as a bad sequence over N'''^^. In our example, we get the 
following decomposition 

"... (*,100),(*,99), . {Ri,o : x[l] = 0)' 
,5), . (*,1), . . . (i?i,i : x[l] = 1) 
. (4,*), . . . (3, *) (i?2,o : a;[2] = 0) 
(i?2,i : x[2] = 1) 



(2,2), 



This way, the suffix sequence xi, . . . ,xi is seen as a bad sequence over N'^ for 
r' = Nk{t) X {k—1}. Note that the decomposition of the suffix sequence always 
produces a bad, (t + l)-controlled sequence over N"^ . Hence we conclude that 

(8) 



Observe that Eq. 



(by Eq. dSD 
= and the 



L{k}{t) < 1 + iAr^.(t)x{fe-i}(^ + 1) • 
([8]) applies even when k — 1, giving 

L{i}it) < l + i(/(t)_i)x{o}(^ + l) 
= 1 + f{t) - 1 = f{t) . 

Eq. (Is]) still applies in the degenerate "fc = 0" case: here Nk{t) 
meaningless type "{—1}" is made irrelevant. 

Remark 3.1. When fc > 2, the inequality in Eq. ([8| cannot be turned into an 
equality. Indeed, a bad sequence over Nk{t) x N*^ cannot always be merged 
into a bad sequence over W' . As a generic example, take a bad sequence x of 
maximal length over W^ . This sequence ends with (0, ..., 0) (or is not maximal). 
If we now append another copy of (0, ...,0) at the end of x, the sequence is 
not bad anymore. However, when fc > 2 we can decompose its suffix as a bad 
sequence over Nk{t) x N'^^^ by putting the two final (0, ...,0)'s in the different 
regions i?i_o and i?2,o- D 



The above reasoning, decomposing a sequence over N'^ into a first element 
and a suffix sequence over N"^ for r' = Nk{t) x {k — 1}, appfies more generally 
for decomposing a sequence over an arbitrary N"^. Assume r ^ 0, and let 
X ~ xq,xi, . . . ,xi be a bad sequence over N'^. The initial element xq of x 
belongs to N'^ for some k € t and as above x can be seen as Xq followed by a 
bad subsequence over t' = Nk{t) x {k— 1}, hence the suffix of x can be seen as 
a bad subsequence over t' + {t — l^})- This calls for special notations: for k in 
r and t in N, we let 



dcf 



^k,t) = T - {k} + Nk{t) X {k - 1} , (9) 

where, for k = 0, r^o,t) is simply r — {0} since No^t) — 0. 

We can now write down the main consequence of our decomposition: 

Theorem 3.2. For any t 

L,(t)<inax{l + L,^,^,(t + 1)}. 



The "max" in Theorem 3.2 accounts for allowing a sequence over N"^ to begin 



with a tuple Xq from any N for k £ t. As usual, we let max0 = 0. Note that 



this entails Lij){t) = 0, agreeing with Equation 5 



4 Long r-Bad Sequences 

We say that sequences with an increasing subsequence Xi-^ < Xi^ < ■ ■ ■ < 2:4^+1 
of length r+l are r-good (hence "good" is short for "1-good"). A sequence that 
is not r-good is r-bad. By Dickson's Lemma, every infinite sequence over N'^ is 
r-good (for any finite r), i.e., r-bad sequences are finite. Bounding the length 
of r-bad sequences is helpful in applications where an algorithm does not stop 
at the first increasing pair. 

Finding a bound on the length of controlled r-bad sequences can elegantly 
be reduced to the analysis of plain bad sequences, another benefit of our "sum 
of powers of N" approach. 

Write Lr.rit) for the maximum length of i-controUed r-bad sequences over 
N'^. In this section we prove the following equality: 

LrAi) = I^rxrit) ■ (10) 

For a sequence x — xq, xi, . . . , x; over some N'^, an index i = 0, 1, . . . , ^ and 
some p = 1, . . . , r, we say that i is p-good if there is an increasing subsequence 
of length p+1 that starts with Xi, i.e., some increasing subsequence x^^ < Xi^ < 
■ ■ ■ l£ ^i +1 with ii = i. The goodness of index i is the largest p such that i is 
p-good. 

For example, consider the following sequence over N^ 

x= (3,1), (5,0), (3,5), (2,4), (2,6), (3,1), (4,5), (2,8) . 

X can be arranged in layers according to goodness, as in 

2-good indices: (3,1), . . (2,4), .... 

1-good indices: . . (3,5), . (2, 6), (3,1), 

0-good indices: . (5,0), .... (4, 5), (2, 8) 

This transformation applies to sequences over any wqo. It has two properties: 



Badness of layers: Assume that Xi < Xj is an increasing pair in 

X. If Xj is p-good then, by definition, Xi is at least (p + l)-good. Hence 
Xi and Xj cannot be in the same goodness layer and every layer is a bad 
subsequence of x. 

Number of layers: If x is r-bad, every index i is at most (r — 1)- 

good and the decomposition requires at most r non-empty layers. 

If we now see the decomposition as transforming a i-controUed r-bad sequence x 
over N'^ into a sequence x' over N'"^'^, then x' is i-controUed and, as we observed 
above, bad. Thus 

Lr.rit) < Lr^rit) (11) 



holds in general, proving one half of ( 10 ) 



For the other half, let x = xo,...,xi be some i-controUed sequence over 
l^rxT_ gy collapsing W^'^ to N'^ in the obvious way, x can be transformed 
into a sequence y over N'^. The two sequences have same length and same 
control. Regarding badness, we can show that y is r-bad when x is bad, entailing 
Z -I- 1 < Lr.T (t) and hence 

Lrxrit) < Lr^rit) ■ (12) 

For the proof, assume, by way of contradiction, that y is not r-bad, i.e., is r- 
good. Then it contains an increasing subsequence with r + 1 elements. By the 
pigeonhole principle, two of these come from the same summand in r x r, hence 
X contains an increasing pair and is good, contradicting our assumption. 

5 Upper Bound 

Theorem 3. 2 [gives a bounding function for L. Define 



Mr{t) =^ max{ 1 + M,^,,,^ (t + 1)} . (13) 

This inductive definition is well-formed since T(^k,t) <m t and the multiset or- 
dering is well-founded. Note that Mijj{t) = since max0 = 0. For all t and t, it 
holds that Lr{t) < Mr{t). 



We first show that the maximum in Eq. ( 13 ) is reached by always choosing 
the smallest element of r ([Section 5.1), and then use this characterization to 



classify M in the Fast Growing Hierarchy (Section 5.2) 



5.1 A Maximizing Strategy for M 

The next Lemma shows that the maximum of all 1 -I- M^..^ ^. (t + 1) used in 
Eq. (13 1 can always be obtained by taking k = minr. This useful fact leads to 



a simplified definition of M . 

Lemma 5.1. Let k = minT and I E t. Then Mr.^ ^At + 1) < Mt,^ ^At+1) and, 
hence, 

Mr (f ) = 1 + M,^.„„ ^^^ (i + 1) forr^H). 



5.2 Classifying M in the Fast Growing Hierarchy 



The bounding function M-r grows very fast with the dimension k: My^x is 



aheady non-elementary for f{x) = 2a; + 1. Clote (1986) classified the upper 
bounds derived from both his construction and that of McAloon using the Fast 
Growing Hierarchy {^a)a ( |Lob and Wainer 1970) for finite ordinals a: for a 
linear control function, he claimed his bounding function to reside at the ^k+e 
level, and McAloon s at the ^k+i level. We show in this section a bounding 



function in ^k', the results of the next section entail that this is optimal, since 
we can find a lower bound for Lrxffc} which resides in SkX-Sk-i if fc > 2. 



The Fast Growing Hierarchy The class ^k of the Fast Growing Hierarchy 
is the closure under substitution and limited recursion of the constant, sum, 
projections, and Fn functions for n < k, where Fn is defined recursively bjFl 



Fo{x) ^ X - 



(^), 



(14) 
(15) 



where g^ denotes the p-fold application of a function g. The hierarchy is strict 
for A: > 1, i.e. ^k S Sk+i, because Fk+i ^ ^k- For small values of k, the 
hierarchy characterizes some well-known classes of functions: 

• i?o = 5^1 contains all the linear functions, like Xx.x + 3 or Xx.2x, 

• 5^2 contains all the elementary functions, like Xx.2^ , 



• 5^3 contains all the tetration functions, like Ax. 2 , etc. 

X times 

The union |J^ ^k is the set of primitive-recursive functions, while F^j defined by 
Fu}{x) = Fx{x) is an Ackermann-like non primitive- recursive function; we call 
Ackermannian such functions that lie in 3'w\Ufc5^fe- Some further intuition on 
the relationship between the functions / in ^k and Fk for k > 1 can be gained 
from the following fact: for each such /, there exists a finite p s.t. F^ majorizes 
/, i.e. for all xi, . . . ,a;„, /(xi, . . . ,x„) < F^(max(xi, . . . ,a;„)) (Lob and Wainer 



1970 Theorem 2.10). 



Readers might be more accustomed to a variant {Ak)k of the {Fk)k called 



the Ackermann Hierarchy (see e.g. Friedman, 2001), and defined by 



Ai{x) = 2x 
Ak+i{x) '^ Alii) ioT k > 1 . 

These versions of the Ackermann functions correspond exactly to exponentiation 
of 2 and tetration of 2 for fc = 2 and fc = 3 respectively. One can check that 
for all fc,p > 1, there exists Xk,p > s.t., for all x > Xk,p, Ak{x) > F^_^{x), 



which contradicts Ak being in ^k-i by (Lob and Wainer 1970 Theorem 2.10). 



Conversely, Ak{x) < Fk{x) for all A: > 1 and a; > 0, which shows that Ak belongs 
to dk\dk-i for fc > 2. 



^For simplicity's sake, we present here a version more customary in the recent Uterature, 
including |McAloon| ||1984[| and|Clote| ||l986[|. Note however that it introduces a corner case at 



|Lob and Wainer] ||1970[l, i?o C Ji, the latter being the set of polynomial functions, 



level 1: in 



generated by Fi{x) = {x + 1) 



fit) -~ 1 fit) - 1 ■ ■ ■ fit) - 1 fit) ~ 2, fit) -2, ■■■ , fit) ^ 2 ■■■ 0, 0, • • • , 

£k,f it) times 4,/(ofej(i)) times 4,/(o{j (i)j times 

Figure 1: The decom.position of bad sequences for the lexicographic ordering. 

Main Result In this section and in the following one, we focus on classifying 
in the Fast Growing Hierarchy the function Mrx{fe} for some fixed r, k, and 
(implicit) /. Here the choice for the control function / becomes critical, and we 
prefer therefore the explicit notation Mrx{fe},/- 
The main result of this section is then 

Proposition 5.2. Let k,r > 1 be natural numbers and 7 > 1 an ordinal. If 
f is a monotone unary function of ^-y with fix) > max(l,a::) for all x, then 
Mrx{k},f is in d-r+k-i- 

One can be more general in the comparison with |Mc Aloonf s proof: his Main 
Lemma provides an upper bound of the form G'j, Ad- fix)'^) for some constant d, 
where in turn his G"^ t function can be shown to be bounded above by a function 
in 57+fc+i when / is in ^^. The ^k+i bound for linear functions reported by 



Clote ( 1986 1 is the result of a specific analysis in McAloon s Main Corollary. 



6 Lower Bound 

We prove in this section that the upper bound of S'-y+^-i for a control function 
/ in 5'-y is tight if / grows fast enough. 

Let <iex denote the lexicographic ordering over W' , defined by 

X = (a;[l], . . . , x[k]) <icx y = (j/[l], • ■ ■ , y[k]) 

U x[l] < y[l] V (x[l] = y[l] A (.t[2], . . . , x[k]) <,,^ (y[2], . . . , y[k])) . 

This is a well linear ordering for finite k values, and is coarser than the natural 
product ordering. Let us fix a control function /; we denote by ir,kjit) the 
length of the longest i-controUed r-bad sequence for <iex on N*^: this implies 
that for all t 

(■r,kjit) < Lrx{k},fit) ■ (16) 

We derive in this section an exact inductive definition for i in the case r — 1, 
and show that it yields large enough lower bounds for L in the case oi f = F^. 

An Inductive Definition for I We define our strategy for generating the 
longest bad controlled sequence for <icx in W^ by induction on k. Assume as 
usual /(O) > 0; for fc = 1, the longest i-controUed sequence is 

fit) -I, fit) -2, ..., 1, 

of length fit), and we define 

hj{t) = fit) . (17) 
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In dimension k + 1, we consider the bad sequence where the projection 
on the first coordinate is segmented into f{t) constant sections, such that the 
projection on the k remaining coordinates of each section is itself a bad sequence 
of dimension k following the same strategy. 

Example 6.1. The sequence built by our strategy ioi k = 2, t = 3, and 

f{x) = X + 1 is 



i 


12 3 4 5- 


- 10 1112 13- 


- 26 27 28 29- 


- 58 59 




3 3 3 3 2 2- 
3 2 10 7 6- 


-2211- 
- 1 15 14 - 


-110 0- 
- 1 31 30 - 


- 

- 1 



f{i + t) 4 5 6 7 8 9 --- 1415 16 17--- 30 31 32 33--- 62 63 

It is composed of four sections, one for each value of the first coordinate. The 
first section starts at i = and is of length ^i,/(3) = 4, the second starts at z = 4 
and is of length iij{7) ~ 8, the third at i = 12 with length £ij{15) = 16, and 
the last at « = 28 with length £i j(31) — 32. The successive arguments of £ij 
can be decomposed as sums t + £ij{t) for the previously computed argument t: 

7^ 3 + 4 =3 + 4./(3) 
15= 7 + 8 =7 + 4,/(7) 
31 = 15 + 16 = 15 + ^ij(15) 

simply because at each step the starting index is increased by the length of the 
previous section. D 

We define accordingly an offset function o by 

Okj{t)=t + ikjit); (18) 



the strategy results in general in a sequence of the form displayed in Figure l]on 



the first coordinate. The obtained sequence is clearly bad for <iox; that it is the 
longest such sequence is also rather straightforward by induction: each segment 
of our decomposition is maximal by induction hypothesis, and we combine them 
using the maximal possible offsets. Hence 

m 

h+ij{t) = Y.ikj[oi-f\t)) . (19) 

Remark 6.2. The lexicographic ordering really yields shorter bad sequences than 
the product ordering, i.e. we can have £kj{t) < L^^-yjit), as can be witnessed 
by the two following sequences for f{x) ~ 2x and i = 1, which are bad for <iex 
and < respectively: 

(1,1), (1,0), (0,5), (0,4), (0,3), (0,2), (0,1), (0,0) 

(1,1), (0,3), (0,2), (0,1), (9,0), (8,0), (7,0), (6,0), (5,0),..., (0,0) 

The first sequence, of length 8 = ^2, /(I), is maximal for <icx, and shorter than 
the second, of length 14 < L{2},/(1). □ 
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Lower Bound for r-Bad Sequences One can further extend this strategy 
to give a lower bound on the length of interleavings of r-bad sequences in N*^ , 
by simply concatenating r sequences, each starting with a higher offset. For 
instance, for r = 2, start with the sequence of length £kj{t)', arrived at this 
point, the next sequence reaches length ikj{t + ^kj{t))- In general 



r 

er,kj{t)>J2hj{oi-/{t) 



J = l 



(20) 



Proposition 6.3. Let j > be an ordinal and k,r > 1 natural numbers. Then, 
for all t > 0, ir^k,F,{t) > F;+fc_i(i). 

Remark 6.4. Note that, since 



(r,k,F^{t) < Lry,{k},F-y{t) < Mry,{k},F^{t) 



and 



Proposition 6.3 together show that Afrx{fe}.F belongs to 



Proposition 5.2 

'■S'i+k~i\-S-y+k-2 if 7 > 1 and 7 + fc > 3. One can see that the same holds for 

(.k.F , since it is defined by limited primitive recursion. D 

Remark 6.5. In the case of the successor control function / = Fq, the Fk-i 
lower bound provided by [Proposition 6.3| does not match the ^k upper bound 
of Proposition 5.2 (indeed the statement of the latter does not allow 7 = and 



forces 7 = 1). Tightness holds nevertheless, since Friedman (2001) proved in 
his Theorem 2.6 an Ak lower bound for this particular case of / = i^o- D 



Concrete Example It is easy to derive a concrete program illustrating the 
intuition behind [Proposition 6.3[ 

Example 6.6. Consider the following program with control Xx.2^ + 1 in g'2 for 
t = [log2 niaxi<j<fe ajl : 

LEX (ai, . . . ,afc) 

c< — 1 

while Ai<j<k flj > 

(ai, 02, . . . , Ofc-i, flfc, c) i — (ai — 1, 2c, ... , 2c, 2c, 2c) 
or 

{ai,a2,. . . ,afc_i,afc,c) i — {ai,a2 — 1, . . . , 2c, 2c, 2c) 



{ai,a2,... ,ak-i,ak,c) i — (ai,a2, . . . ,ak-i,ak - 1,2c) 



end 



An analysis similar to that oilkj shows that, for fc > 2 and m — mini<j<j, aj > 
0, LEX might run through its while loop more than Ak+i{m) times, which is 



a function in ^k+i\dk- It matches the Sk+i upper bound provided by Propo- 



sition 5.2 for this program, since the projection of any sequence of program 
configurations (ai, . . . , a/j, c) on the k first components is bad (c increases con- 
tinuously and thus does not contribute to the sequence being bad). D 
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7 Applications 

Results on the length of bad sequences are rarely used in the verification lit- 



erature. We claim that Proposition 5.2 is very easy to use when one seeks 



complexity upper bounds, at least if one is content with the somewhat coarse 
bounds provided by the Fast Growing Hierarchy. 

One might want to modify the choices of parametrization we made out of 
technical convenience: for instance 

• controlling the sum of the vector components instead of their infinity norm, 
i.e. asking that ^ Xi[j] < f(i + t): since \xi\ao < X)? ^ibl? Proposition 5.2 
also works for this definition of control, 

• controlling the bitsizc of the successive vectors in a bad sequence similarly 
only induces a jump in the classification of / from ^i to 5^2 and leaves the 
other cases unchanged, 

• using an "internal" view of the control, constraining how much the vector 
components can grow in the course of a single step of the algorithm, i.e. 
such that \xi\oo < f^{t), leads to upper bounds one level higher in the Fast 
Growing Hierarchy, since \i.f^^^{t) controls the sequence in our sense and 
belongs to S^^+i whenever / belongs to '^^. 

7.1 Disjunctive Termination Arguments 

Program termination proofs essentially establish that the program's transition 
relation R is well-founded. The classical, "monolithic" way of proving well- 
foundedness is to exhibit a ranking function p from the set of program configu- 
rations xo,xi, . . . into a well-order such that _R C {(x^, Xj) \ pjxj) ^ p(x.,) |, like 
Aai • • • afeC.(X]i<7<fe'^'' "'^^ ' %)' mapping N'^^^ to uj'' for Example 6.6 That 
same ranking function could also be seen as mapping to (N'^,<iox), a linear 
extension of the product ordering. Our techniques easily apply to such ter- 
mination proofs based on lexicographic orderings: one only needs to identify 
a control function. This is usually obtained by combining the computational 
complexities of the program operations and of the ranking function. 



A different termination argument was proposed by|Podelski and Rybalchenko| 



(2004) (see also Blass and Gurevich 2008 Cook et al. 2011): in order to prove 



R to be well-founded, they rather exhibit a finite set of well-founded relations 
Ti, . . . , Tfc and prove that i?+ C Ti U • • • U Tfc. In practice, each of the T,-, 1 < 
j < k, is proved well-founded through a ranking function pj, but these functions 
might be considerably simpler than a monolithic ranking function. In the case 
of Example 6.6 choosing Tj = {((ai, . . . , a^, . . . , a^, c), (a'j^, . . . , a' , . . . , a^, c')) | 
flj > A a' < Qj } , yields such a disjunctive termination argument. 



Although Podelski and Rybalchenko] resort to Ramsey's Theorem in their 



termination proof, we can easily derive an alternative proof from Dickson's 
Lemma, which allows us to apply our results: if each of the Tj is proven well- 
founded thanks to a mapping pj into some wqo {Xj, <j), then with a sequence 
xo,xi, . . . of program configurations one can associate the sequence of tuples 
{pi{xo),...,pk{xo)), {pi{xi),...,pk{xi)),... inXi X ••• xXk, the latter being a 
wqo for the product ordering by Dickson's Lemma. Since for any indices ii < 12, 
(xijjXij) G i?+ is in some Tj for some 1 < j < fc, we have Pj{xi^) -^j Pjixi^) by 



13 



definition of a ranking function. Therefore the sequence of tuples is bad for the 
product ordering and thus finite, and the program terminates. 

If the range of the ranking functions is N, one merely needs to provide a 
control on the ranks pj{xi), i.e. on the composition of R^ with pj, in order to 
apply [Proposition 5.2[ For instance, for all programs consisting of a loop with 
variables ranging over Z and updates of linear complexity (like CHOICE or lex), 



Bradley et al. ( 2005 ) synthesize linear ranking functions into N: 



Question 7.1. What is the complexity of loop programs with linear operations 
proved terminating thanks to a fc-ary disjunctive termination argument that 
uses linear ranking functions into N? 

The control on the ranks in such programs is at most exponential (due to the 



iteration of the loop) in ^2- With Proposition 5.2 one obtains an upper bound 
in ^k+i on the maximal number of loop iterations (i.e., the running time of 
the program), where k is the number of transition invariants Ti, . . . ,Tfe used 
in the termination proof — in fact we could replace "linear" by "polynomial" in 
[Question 7.1| and still provide the same answer. [Example 6. 6| shows this upper 
bound to be tight. Unsurprisingly, our bounds directly relate the complexity 
of programs with the number of disjunctive termination arguments required to 
prove their termination. 



7.2 Reachability for Incrementing Counter Automata 

Incrementing Counter Automata, or ICA's, are Minsky counter machines with 



a modified operational semantics (see Demri 2006 Demri and Lazic 20091. 



ICA's have proved useful for deciding logics on data words and data trees, like 
XPath fragments (iFigueira and Segoufinl [2009]). The fundamental 



result 



this area is that, for ICA's, the set of reachable configurations is a computable 



set (Mayr 2003 Schnoebelen 2010b). 



Here we only introduce a few definitions and notations that are essential 
to our development (and refer to (Mayr 2003 Schnoebelen[ 2010b[ ) for more 
details). The configuration of a fc-counter machine M = {Q,A) is some tu- 
ple V = (g, ai, . . . , flfc) where q is a control-state from the finite set Q, and 
ai,...,afe S N are the current values of the k counters. Hence CouJm = 
Q X N'^'. The transitions between the configurations of M are obtained from 
its rules (in A). Now, whenever M seen as a Minsky machine has a transition 
(g, fli , . . . , Cfc) — ^M (Pj ^1 7 • ■ ■ I bk) , the same M seen as an ICA has all transitions 
(g, ai, . . . , ak) -^i {p, fc'i, • ■ • , &fc) for b[ > bi A ■ ■ ■ A b'/^ > bk'- Informally, an ICA 
behaves as its underlying Minsky machine, except that counters may increment 
spuriously after each step. The consequence is that, if we order Confu with 
the standard partial ordering (by seeing Confm as the wqo X^neg ^^)i then the 
reachability set of an ICA is upward-closed. 

We now describe the forward-saturation algorithm that computes the reach- 
ability set from an initial configuration vq. 

Let Xq,Xi,X2t ■■■ and Fq: ^ii ^2i ■•• be the sequences of subsets of Confj^j 
defined by 



-'^o = {vo}, 

^ dot ^ 



X,+i = Post{X,), 
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where Post{X) = {v' G ConJM \ 3v ^ X : v -^i v'}. The reachabihty set 
is Reach{M,VQ) = IJj^]^ 2 ^*' ^•^•' l™j-i-tj^j- However, since every X^+i is 
upward-closed, the sequence (KijieN stabihzes after finitely many steps, i.e., 
there is some / such that Yi = Yj+i = . . . = Reach{M,VQ), as we prove below. 
This method is effective once we represent (infinite) upward-closed sets by their 
finitely many minimal elements: it is easy to compute the minimal elements 
of Xi^i from the minimal elements of Xi, hence one can build the sequence 
Yq,Yi, . . . (again represented by minimal elements) until stabilization is de- 
tected. 

Question 7.2. What is the computational complexity of the above forward- 
saturation algorithm for ICA's? 

For this question, we start with the length of the sequence Yq ^ Yi ^ Y2 ^ 
■ ■ ■ ^Yi = Yi^i. For each i = 1, ...,/, let Wi be a minimal element in Yi \ Yi^i (a 
nonempty subset of ConfM)- Note that Vi G Xi, an upward-closed set, so that 
Yi contains all configurations above Vi. Hence Vj ^ Vi for j > i (since Vj ^ Y^) 
and the sequence v = vi,V2, ■ ■ ■ is bad — this also proves the termination of the 
{Yi)i sequence. 

We now need to know how v is controlled. Consider a minimal element v of 
Yi. Then |u|oo < * + |i'o|oo, which means that v is jtiol 00 -controlled for f = Fq 
the successor function. Here / is independent of the ICA M at hand! Using 
[Proposition 5.2| we conclude that, for fixed fc, I is bounded by a function in ^k 
with |?;o|oo as argument. Now, computing X^+i and l^+i (assuming represen- 
tation by minimal elements) can be done in time linear in \Xi\ and \Yi\ (and 
\M\ and Itioloo), so that the running time of the algorithm is in 0(|M| • I), i.e.. 



also in g'fc (see Schnoebelen 2010a for Fk-2 lower bounds for the reachability 
problem in fc-dimensional ICA's). 

Here the main parameter in the complexity is the number k of counters, 
not the size of Q or the number of rules in M. For fixed k the complexity is 
primitive-recursive, and it is Ackermannian when k is part of the input — which 



is the case in the encoding of logical formulae of Demri and Lazic ( 2009 ) 



7.3 Coverings for Vector Addition Systems 

Vector addition systems (VAS's) are systems where k counters evolve by non- 
deterministically applying fc-dimensional translations from a fixed set. They 
can be seen as an abstract presentation of Petri nets, and are thus widely used 
to model concurrent systems, reactive systems with resources, etc. 

Formally, a fc-dimensional VAS is some S — {A,vq) where vq G N*^ is an ini- 
tial configuration and A C Z*^ is a finite set of translations. Unlike translations, 

configurations only contain non-negative values. A VAS S has a step v —> v' 
whenever S G A and v + 6 G N'': we then have v' = v + 5. Hence the negative 
values in S are used to decrement the corresponding counters on the condition 
that they do not become negative, and the positive values are used to increment 
the other counters. A configuration v is reachable, denoted v G Reach{S), if 

there exists a sequence vq ^ vi -^ V2 ■ ■ ■ -^ Vn = v . That reachability is decid- 
able for VAS's is a major result of computer science but we are concerned here 
with computing a covering of the reachability set. 
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In order to define what is a "covering", we consider the completion N^^ = 
N U {ui} of N and equip it with the obvious ordering. Tuples w G Nfj, called 
to -markings, are ordered with the product ordering. While w-markings are not 
proper configurations, it is convenient to extend the notion of steps and write 

w ^ w' when w' — w + S (assuming n + uj — uj for all n) . 

Let C C N^ be a set of w-markings. We say that C is a covering for S if 
for any v G Reach{S), C contains some w with v < w, while any w S C is in 
the adherence of the reachability set, i.e., w — limi=i^2,... Vi for some markings 
1)1, V2, . . . in Reaches). Hence a covering is a rather precise approximation of 
the reachability set (precisely, the adherence of its downward-closure). A fun- 
damental result is that finite coverings always exist and are computable. This 
entails several decidability results, e.g. whether a counter value remains bounded 
throughout all the possible runs. 

A particular covering of S can be obtained from the KM treejjintroduced by 



Karp and Miller (1969). Formally, this tree has nodes labeled with w-markings 
and edges labeled with translations. The root sq is labeled with wq and the tree 
is grown in the following way: Assume a node s of the tree is labeled with some 
w and let (wq —)wq,wi, ...^Wn = w he the labels on the path from the root to 
s. For any translation 6 E A such that there is a step w — >■ w' , we consider 
whether to grow the tree by adding a child node s' to s with a 5-laheled edge 



1. li w' < Wi for one of the w^'s on the path from sq to s, we do not add s' 
(the branch ends). 

2. Otherwise, if w' > Wi for some i — 0, ...,n, we build w" from w' by 
setting, for all j = 1, . . . , k, w"[j] = uj whenever w'[j] > Wi[j], otherwise 
w"[j] is just w'[j]. Formally, w" can be thought as "wi + u x {w' ~ Wi)" . 
We add s' , the edge from s to s' , and we label s' with w". 

3. Otherwise, w' is not comparable with any wf. we simply add the edge and 
label s' with w' . 



Theorem 7.3 ((Karp and Miller 1969)). The above algorithm terminates and 



the set of labels in the KM tree is a covering for S . 

Question 7.4. What is the complexity of the KM algorithm? What is the size 
of the KM tree? And the size of CI 

Answering the above question requires understanding why the KM algorithm 
terminates. First observe that the KM tree is finitely branching (a node has 
at most |A| children), thus the tree can only be infinite by having an infinite 
branch (Konig's Lemma). Assume, for the sake of contradiction, that there 
is an infinite branch labeled by some wq , wi , . . . The sequence may be a good 
sequence, but any increasing pair Wi^ < Wi^ requires Wi^ to be inserted at step [2] 
of the KM algorithm. Hence Wi^ has more w's than Wi-^. Finally, since an lu- 
marking has at most k cj's, the sequence is (k + l)-bad and cannot be infinite 
since N^ is a wqo. 



^ The computation of the KM tree has other uses, e.g., with the finite containment prob- 
lem [M^F^and^^e^r ||1981||. Results from|Mayr and Meyer ( 1981|l show Ackermannian lower 



bounds, and provided the initial motivation for the work of.McAloon l|1984| and Clote ||1986 I 
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Now, how is the sequence controlled? If we say that the w's do not count 
in the size of an w-marking, a branch wq, wi, ... of the KM tree has |wi+i|oo < 
|w,;|oo + |A|oo < l^'oloo + i ■ |A|oo. Hencc the sequence is |wo I oo -controlled for 
f{x) = a; • I A|oo + 1, a control at level Ji for fixed A. More coars ely, the sequence 
is |5|-controlled for a fixed f{x) = x'^, this time at level ^2- By Proposition 5.2 
and Eq. ( [To| , we deduce that the length of any branch is less than lma.x — 
L(k+i)x{k}{\S\)- The size of the KM tree, and of the resulting C, is bounded 
by I A I'""". Finally, the time complexity of the KM algorithm on fc-dimensional 
VAS's 

is in ^k+i'- the complexity is primitive-recursive for fixed dimensions, but Ack- 
ermannian when k is part of the input. 

The above result on the size of KM trees can be compared with the tight 



1986 Theorem 2. 



bounds that Howell et al. show for VAS's (Howell et al. 
Their "Sk-i bound is two levels better than ours. It only applies to KM trees 
and is obtained via a rather complex analysis of the behaviour of VAS's, not a 
generic analysis of Dickson's Lemma. In particular it does not apply to VAS 
extensions, while our complexity analysis carries over to many classes of well- 
structured counter systems, like the strongly increasing affine nets of |Finkel et al.| 
( 2004 ) , for which both the KM tree algorithm and a 5^2 control keep applying. 



and thus so does the Sk+i bound. 



8 Related Work 



Bounds for N*^ We are not the first ones to study the length of controlled 
bad sequences. Regarding Dickson's Lemma, both McAloon (1984) and Clote 



( 1986 ) employ large intervals in a sequence and their associated Ramsey theory. 



showing that large enough intervals would result in good sequences. Unlike our 
elementary argument based on disjoint sums, we feel that the combinatorial 
aspects of |McAloon[ s approach are rather complex, whereas the arguments of 
Clote rely on a long analysis performed by Ketonen and Solovay ( 1981| ) and is not 
parametrized by the control function /. Furthermore, as already mentioned on 



several occasions, both proofs result in coarser upper bounds. Friedman (2001 
Theorem 6.2) also shows that bad sequences over N'^ are primitive-recursive 
but the proof is given for the specific case of the successor function as control, 
and does not distinguish the dimension fc as a parameter. One could also see 



the results of Howell et al. (1986) or Hofbauer (1992) as implicitly providing 



bounds on the bad sequences that can be generated resp. by VAS's and certain 
terminating rewrite systems; using these bounds for different problems can be 
cumbersome, since not only the control complexity is fixed, but it also needs to 
be expressed in the formal system at hand. 



Beyond N*' Bounds on bad sequences for other wqo's have also been con- 



sidered; notably Cichoii and Tahhan Bittar (1998) provide bounds for finite 
sequences with the embedding order (Higman's Lemma). Their bounds use a 
rather complex ordinal-indexed hierarchy. If we only consider tuples of natural 
numbers, their decomposition also reduces inductively from N'^ to N'^^^, but it 



uses the "badness" parameter (r, see Section 4) as a useful tool, as witnessed by 
their exact analysis of Lr.ij. For arbitrary fc G N, Cichoh and Tahhan Bittar 



have an elegant decomposition, somewhat similar to the large interval approach, 
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that bounds L^^kj by some L^'^k-ij' for some r' and /' obtained from r, / and 



k. However, r' and /', r" and /'' 



quickly grow very complex, and how to 



classify the resulting bounds in the Fast Growing Hierarchy is not very clear 
to us. By contrast, our approach lets us keep the same fixed control function 
/ at all steps in our decomposition, and it can handle Higman's Lemma as 



demonstrated in Schmitz and Schnoebelen (2011) 



Weiermann proves another bound for Higman's Lemma (Weiermann 1994 



Corollary 6.3), but his main focus is actually to obtain bounds for Kruskal's 
Theorem (Weiermann 1994 Corollary 6.4), i.e. for finite trees with the em- 
bedding ordering. The bounds are, as expected, very high, and only consider 
polynomial ranking functions. 



Further Pointers The question of extracting complexity upper bounds from 
the use of Dickson's Lemma can be seen as an instance of a more general con- 
cern stated by Kreisel: "What more than its truth do we know if we have 
a proof of a theorem in a given formal system?" Our work fits in the field 
of implicit computational complexity in a broad sense, which employs tech- 
niques from linear logic, lambda calculus and typing, invariant synthesis, term 
rewriting, etc. that entail complexity properties. In most cases however, the 
scope of these techniques is very different, as the complexity classes under study 
are quite low with e.g. PTime being the main object of focus (e.g. Leivant 



2002 Gulwani 2009 Hoffmann and Hofmann 2010 etc.). By contrast, our 



technique is of limited interest for such low complexities, as the Fast Grow- 
ing Hierarchy only provides very coarse bounds. But it is well suited for the 
very large complexities of many algorithmic issues, for well-structured tran- 



sition systems (Finkel and Schnoebelen 2001) working on tuples of naturals, 
Petri nets equivalences (Mayr and Meyer 1981 Jancar 2001), Datalog with 



logics (Urquhart 1999), LTL with Presburger constraints (Demri 2006), data 



constraints (Revesz 1993), Grobner's bases (Gallo and Mishra 1994), relevance 



logics (Demri and Lazic 2009 Figueira and Segoufin 2009), etc. 



A related concept is the order type of a well partial order (de Jongh and 



Parikh 1977) 



which roughly corresponds to the maximal transfinite length 
of an uncontrolled bad sequence. Although order types do not translate into 
bounds on controlled sequencesr] they are sometimes good indicators, a rule 
of thumb being that an upper bound in ^a is often associated with an order 
type of w", which actually holds in our case. Such questions have been mostly 



investigated for the complexity of term rewriting systems (see Lepper 2004 



and the references therein), where for instance the maximal derivation length 
of a term rewriting system compatible with multiset termina tion order i ng (of 
order uj'^ for some finite k) was shown primitive-recursive by Hofbauer ( 1992 ) 
(however no precise bounds in terms of k were given) . 



9 Conclusion 

In spite of the prevalent use of Dickson's Lemma in various areas of computer 
science, the upper bounds it offers are seldom capitalized on. Beyond the op- 



^For instance, w'^ is the order type of both (N*-', <) and (A/(S(;), C), where M(Sfe) is the 
set of multisets over a finite set Sj. with k elements, but one needs to be careful on how a 
control on one structure translates into a control for the other. 
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timality of our bounds in terms of the Fast Growing Hierarchy, our first and 
foremost hope is for our results to improve this situation, and reckon for this on 

• an arguably simpler main proof argument, that relies on a simple decom- 
position using disjoint sums, 

• a fully worked out classification for our upper bounds — a somewhat te- 
dious task — , which is reusable because we leave the control function as 
an explicit parameter, 

• three template applications where our upper bounds on bad sequences 
translate into algorithmic upper bounds. These are varied enough not 
to be a mere repetition of the exact same argument, and provide good 
illustrations of how to employ our results. 
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A Proofs Omitted from the Main Text 

A.l Proof of Theorem 1372] 
Theorem 3.2. For any r 

irW<max{l + L,^,^,(t + l)}. 

We start with some necessary notation and basic facts: For two quasiorder- 
ings (^1, <i) and {A2, <2), a mapping /i : Ai — > ^42 is a reflection when 

Va, 6 G Ai : h{a) <2 h{b) inipUes a <i b . 

We further say that it is a strong reflection when |/i(x)|oo < |a;|oo for all x. (NB: 
we only consider reflections between quasiorderings that are subsets of some N"^, 
hence the notion of size is well-defined.) When h is a strong reflection, we write 
h : Ai ^^ A2 (or just Ai ^^ A2 when h is left implicit) and say that A2 strongly 
reflects Ai. 

Strong reflections preserve controlled bad sequences: assume h : Ai '-^ A2 
and that xq, xi, . . . , x/ is a i-controlled bad sequence over Ai. Then h(xQ), h{xi), . 
is a i-controUed bad sequence over ^2- 

This notion is compatible with the composition of orderings: 

Fact A.l. Let A, Ai, A2 be quasiorderings: Ai '-J- A2 implies A+Ai =— > A+A2 
and Ax Ai ^-^ Ax A2. 

For a ^ A, we let A/a ^ {x E A \ a ^ x} denote the subset of elements that 
are not above a. Note that (A/b) C (A/a) when a < b. 

When {A, <) is a wqo, {A/ a, <) is clearly a wqo too, called a residual wqo. 
The point is that if x — xo,xi, . . . is a bad sequence over some A, the suffix 
sequence y = Xi, . . . is a bad sequence over A/xq. In the following, we extend 
our notations and write LA(t) for the maximal length of a ^-controlled bad 
sequence over A when A is a subset of some N'^ . 

Here too, the notion of residuals is compatible with the composition of or- 
derings: if a is in Aj, we have for a disjoint sum X^ie/ ^i with j € I 



iJ2A,)/a^iA,/a)+ ^ A, 
^ei\{j} 



(21) 



lei 



More crucially, the region-based decomposition of Section 3 relies on a reflection 
for products 

{{A X B)/{a, b)) ^ {{A/a) x B + Ax {B/b)) . (22) 

An immediate corollary is 

{A^/{a, ...,a))^kx {A/a) x A^-^ . (23) 

Lemma A. 2. Assume a; e N'^ with fc > and \x\oo < f{t) — I.' 

n^/x ^kx (f{t) - 1) X n'^-1 {i.e., Nk{t) X n^-'^) . 



,h{xi) 
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Indeed, when k = 1, N/x = {0, 1, . . . , a; — 1}, which is isomorphic to a; x N°, 
in turn strongly reflected by {f{t) — 1) x N*', while for fc > 1 we reduce to the 
1-dimensional case using Eq. (23). 



By definition of t^j, f) (see Eq. 9L combining Lemma A. 2 and Eq. ( 21 ) directly 
yields 

Lemma A. 3. Assume k € t and x £W^ with |x|oo < f{t) — I-' 

W/x ^ W<'''''> . 



Since strong reflections preserve controlled bad sequences, we deduce 

Ai '-J- A2 implies La^ {t) < La^ {t) 

where, for i — 1,2, Ai is some W\ or one of its residuals. 
We are now sufficiently equipped. 



(24) 



Proof (of Theorem 3.2). The proof is by induction over r, the base case r 



holding trivially in view of £0(i) — 0. For the inductive case, assume r 7^ 
and let 'K. — xt),xi, . . . ,xi be a i-controUed bad sequence over N'^ with maximal 
length, so that Lr{t) ^l + \. Write y — xi, . . . ,xi for the suffix sequence: y is 
a (t + l)-controlled bad sequence over N'^/xo. Since xo belongs to N*^ for some 
k G T, we deduce I < Lt^^. j) (i + 1) by combining 



Lemma A. 3 
using the induction hypothesis. Which concludes our proof. 

A. 2 Proof of Lemma 15.11 



and Eq. (24) and 
D 



Let us first introduce a third, less standard, so-called ^^ dominance^^ ordering on 
multisets, given by 

{ai, .. ., On} E {61, . . . , 6,„} 1^ n < m A ai < 61 A . . . A a„ < 6„ (25) 

where it is assumed that elements are denoted in decreasing order, i.e., ai > 
0,2 > . . . > On and fci > . . . > 6m- In other words, t '^t' when every element in 
r is dominated by its own sibling element in r' (additionally r' may have extra 
elements). For dominance, reflexivity and transitivity are clear. We let the 
reader check that the dominance ordering sits between the inclusion ordering 
and the multiset ordering. 



In order to exploit Eq. (13), we need some basic properties of the operation 
that transforms t into T^fc,t) . 

Lemma A. 4 (About T^fc,t))- 

1- T(k,t) <m T. 

2. IfrC t' then Ti^k,t) E r'^j^^y 

3. If{k,l} C T then m,t){k,t') = T{k,t'){Lt)- 

4. If{k,l} C T with furthermore k < I andt < t' , thenTij^t){k.t') E '''i^kt){i,t')- 

5. If T \— t' and k £ t then there exists I € r' such that k < I and T(^k,t) E 
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Proof Sketch. For [51 we note that Tni\ii^ii\ and t/^j j/w/ j\ are obtained from r 
by performing exactly the same removals and additions of elements. These are 
perhaps performed in different orders, but this does not change the end result. 

For PI we note that t/; jw^, (/\ is some r — {fc, 1} + ti for 

n = Ni{t) X {? - 1} + Nk{t') X {A: - 1} 

while T(^k,t){i,t') is r - {k, 1} + T2 for 

T2 = Ni{t') x{l-l} + Nkit) X {fc - 1} . 

From I > k and f{t) < f{t') we deduce 

Ni{t) + Nk{t') < Ni{t') + Nk{t) . 

Hence ti has less elements than T2. Furthermore, Ti has less of the larger 
"I — 1" elements since Ni{t) < Ni{t'). Thus ri C t2, entailing r — {fc, ?} + ti C 

T~{kJ}+T2. 

For [^ we use the I — hi that corresponds to fc = a^ in the definition of 
dominance ordering. This ensures both fc < I (hence N^. [t) < Ni {t) and N/, {t) x 
{fc - 1} C Ni{t) X {I- 1}) and r - {fc} C t' - {I}. Finally ^k,t) E t^', t) • □ 

Lemma A. 5 (Monotony w.r.t. dominance). If t \—t' then Mrit) < MT'{t). 

Proof. By induction over t. The base case, r = 0, is covered with M0(i) = 0. 
For the inductive case, we assume that r ^ so that Mr{t) is 1 + Mr^^ ^j (t + 1) 
for some k £ t. With 
Then 



Lemma A.4|5 we pick an Z > fc such that r^fe.f) C t'. 



i.t)- 



Mr{t) == 1 + Mr 1^1^ j^ {t + 1) (by assumption) 

< 1 + Mr' {t + 1) (by ind. hyp., using [Lemma A.4|5| 



< Mr'{t) . (by Eq. Q, since I € r') 

n 

Lemma 5.1. Let k — minT and I E t. Then Mr,^ ^At + l) < Mr,^ ^At+1) and, 
hence, 

M0(i) = 

Mr (i) - 1 + Mr^^,^^ ^,j (i + 1) /or r ^ . 

Proof. By induction over t. The case where I = k is obvious so we assume I > k 
and hence {fc, 1} C r. Now 



M,(,^, (i + 1) > 1 + M,^,,^^^,^^^^, {t + 2) (by Eq. Q, since Z G r^,.^,)) 



> 1 + A/t- j, j^ (i + 2) (combining lemmata A.4|^ and A. 5 ) 
= A^r(,,t) (^ + 1) • (by ind. hyp., since k = minr^j^t)) 

D 
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Let us close this section on M with a consequence of |Lemnia 5.1[ 
Corollary A. 6. Let t — % or t' <,„ {minr}. Then for all t > 0, 

Proof. The statement is immediate if r = 0. Otherwise, we prove it by induction 
over r'. The base case, r' — 0, is covered with 

Mr{t) = + Mr{t + 0) = M0(f) + Mr{t + Af0(t)) . 

For the inductive case, we assume r' ^ 0, so that k = minr' exists and is 



no greater than minr. Then by 
T(fc4) <m {minr}. Thus 



Lemma KAll 



'{k,t) 



<m t' , and furthermore 



Mr+r'{t) 



1 + A^r+r' , ,, (t + 1) 



(by Lemma 5.1 ) 



= 1 + Af,j^^^ (t + 1) + A/r(t + 1 + Af,.^^^^ (i + 1)) (by ind. hyp.) 



Mr.{t)+Mr{t + Mr.{t)) 



(by Lemma 5.1 ) 



n 



A. 3 Proof of Proposition 5.2 



Proposition 5.2. Let k,r > 1 be natural numbers and 7 > 1 an ordinal. If 
f is a monotone unary function of ^-^ with f{x) > max(l,x) for all x, then 
Mrx{k},f is in ^^+k-i- 

Proof. We define in the next paragraph another function Gkj, which is mono- 
tone and such that Gk.f{x) > x (Lemma A. 7). It further belongs to ^^^k-i 
by Lemma A. 91 and is such that A37x{fc}jT^) ~ ^k fi^) ~ ^ according to 
Lemma A. 81 i.e. Af^xffe},/ is defined through finite substitution from Gkj and 
cut-off subtractionpl and therefore also belongs to ^-y+k-i- D 

More about the Fast Growing Hierarchy Let us first give a few more 
details on the Fast Growing Hierarchy. The class of functions "^k is the closure 
of {Aa:.0, Xxy.x + y, Xx.Xi} U {F^ \ n < k} under the operations of 

substitution if Hq, hi, . . . ,hn belong to the class, then so does / if 
fixi,... ,Xn) = ho{hi{xi,...,x„),.. .,hnixi,...,x„)) 

limited recursion if hi, h2, and h^ belong to the class, then so does / if 



f{0,Xi,...,Xn) = hi{xi,...,Xn) 

f{y+l,Xi,...,Xn) = h2{y,xi,...,Xn,f{y,xi, 

f{y,Xi,...,Xn) < h3{y,Xi,...,Xn) ■ 



J Xn)) 



^Cut-off subtraction 



x-y 







y if 2; > 3/ 

otherwise, 



can be defined by limited primitive recursion in 5o- 
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Here are a few monotonicity properties that will be useful in the following: 



for each a and all n,x,y with x > y, F^{x) > F^{y) (|Lob and Wainer" 



1970 Lemma 2.6. (iii)), 



• for each a and all m,n,x, if m > n, F^{x) > F"{x) (Lob and Wainer 



1970 Lemma 2.6. (iv)), and 



for each a and every fc > 1 we have, for all n and x, F'^j^^.{x) > F^{x) 
(|L6b and Wainer[ [l970l Lemma 2.8). 



A Simpler Version of AI We consider a fast iteration hierarchy for Mrx{k}j, 
given a monotone unary function /: 



G,j{x)^^,f{x)+x 



(26) 
(27) 



Lemma A. 7. Let f be a monotone unary function such that f{x) > x and let 
n > 1. Then the function Gnj is monotone and such that Gnjix) > x. 

We leave the previous proof to the reader, and turn to the main motivation 
for introducing Gk.f- 

Lemma A. 8. Let k > 1. Then for all r > I and a; > 0, 

Mrx{k}j{x) = Glf{x) - X . 

Proof. We proceed by induction on types r of form r x {k}. For the base case, 
which is r = {1}, we have for all x 



M{i}j{x) = fix) = Gijix) -X. (by Def. Q) 

For the induction step, we first consider the case r — {k}. Then, for all x, 

M{k}j'(x) = 1 + A^Ar;.(x)x{fc-i},/(2^ + 1) (by |Lcmnia"5l| ) 

= l + G^^^f}{x + l)-x-l (byind. hyp.) 

^Gkjix)-x. (by Def. ([27])) 
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Finally, for the case t = (r + 1) x {k}, for all a;, 

Mr+lx{k}jix) 



1 + M^-^[k}+Nkix)x{k-i}j{x + 1) (by lLemma 5.l[ ) 

1 + MAr^(^)x{fc-i} j(a; + 1) 



+ Mrx{k}jix + 1 + Afjv^(^)x{fe-i},/(a:: + 1)) (by |Corollary A.6[ ) 

+ Af,x{fe} J (x + 1 + G^_!l5(x + 1) - x - l) 

(by ind. hyp. on MA,^(^)x{fc-i},/) 

Gf^l:)(x + 1) - X + M.x{.},/(<_!:g(x + 1)) 

- G;^_!g(x + 1) (by ind. hyp. on M,x{fc},/) 

r+] 



G^+;(x)-x. (by Def. (I27l)) 



D 

Placing G„j in the Fast Growing Hierarchy Wc prove the following 
lemma: 

Lemma A. 9. Let 7 > 1 be an ordinal and f be a unary monotone function in 
g'^ with f{x) > max(l,a;) for all x. Then for all k>\, G^j belongs to S'^+fc-i- 

Proof. Since 7 > 1, and because / is in ^7, the function 

h{x) = k ■ fix) + a; + 1 , (28) 

defined through finite substitution from / and addition, is monotone and also 



belon gs to ^j. Then, there exists p £ N such that, for all x (Lob and Wainer 
1970[ Theorem 2.10)Q 



hix) < FP{x) . (29) 

We start the proof of the lemma by several inequalities in Claims |A.9.1| 
and lA.9.21 

Claim A. 9.1. For all y > 1, and x,n>0 

Proof. We proceed by induction on y for the proof of the claim. If j/ = 1, then 

F,"|^j {x + l)< F!;f^ ihix)) (since hix) > x + 1) 

< F!^+n'^^ (Kx)) (by monotonicity of F^+„) 



F^+n+iihix)) (by Def. (15)) 



< F^+n+i (Fl^ix)) (by ([29| and monotonicity of F^+n+i) 

< F^ln+iix) (by ( |L5b and WainCTl \l97^ Lemma 2.8)) 



^The theorem is actually stated for a different version of Fi, but it turns out to hold with 
ours as well. 
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and the claim holds. Quite similarly for the induction step, 



K 



(y 



y+n y^y+n+l \-^ ) J 



<f: 



(by ind. hyp. and monotonicity of -FL_|_„) 



<f: 



Y+n ( "'(-^7+n+l \^)) 



< F, 



7+' 

(since h{x) > x and by monotonicity of -FL_|i„) 



7+n 



(M^+nilH^)) 



(since F^'^f^^^' (x) > x and by monotonicity of h and F^^„(x)) 



F. 



7+ri+l 



<F. 



7+n+l 



{HFytX'h-)) 



(byDef. (15)) 



< 



(by (291 and monotonicity of F^^n^i) 

-^-f+n+iy^-y+n+l \-^ ) J 



,-.(y+i)-(p+i) 

7+n+l 



(by ( |Lob and Wainer[ |1970[ Lemma 2.8)) 

D 



f'J2:l'''"''{x) . 



Claim A. 9. 2. For aU 1 < n < fc and x, y > 0, 

Glj{x)<FyZtT{^)- 
Proof. Let us first show that, for all 1 < ?i < fc, 

Vx.G„,/(x) < F^\\lll{x) implies Vx, y.G^/x) < F^^+^f+f (x). (30) 

By induction on y: for y — Q, G° Ax) = x = F j^_-{ (x), and for the induction 
step on y, for any x, y, 

gi':1(x)^g,,j(gIj{x)) 

<Gr.j(FyZtT{-)) 



< F 



7+n-l I ^7+n-l V-* 



(by ind. hyp. and monotonicity of Gn.f) 

(by ind. hyp.) 



p(a+i)-(p+i)" 

7+n— 1 



F}:"!'!,'"^'' (x) 



It remains to prove that Gnj{x) < F}.^^_j^{x) by induction on n: for n = 1, 

Gij(x) = fix) +x< h{x) < FP{x) < FP+l^,{x) 
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by (29) and inonotonicity of F^. For the induction step on n, 



g„+ij(x) = g:;/^^^V + i) 



-,N„+i(x)-(p+iy' 



< F;;"+-i '■''^ ' {^ + 1) (by ind. hyp. and ([SOf for y = Af„+i(x)) 

j^h(x)-{p- 

' 7 + 71 — 1 

p(p+l 

- 7+n 



< K+n-l^'^\^ + 1) (since n < k) 



< F!f+P'^P^^'>"{x) (bylClaim A.9l]for y ^ (p + 1)" > 1) 



= fr+t5"(-). □ 

The main proof consists in first proving that for all 1 < n < fc, 

Xx.Gnjix) e S'^+n-i implies Xxy.G'"^j{x) G 5^^+„ . (31) 

Indeed, for all x, y, 



Glj (x) < F^'lltT {^) (by [Claim A.9.2D 

< f;+r^r'^"+' {x + y{p + 1)") (by monotonicity of F^+„_i) 
= F^+„(a; + y(p+l)") . 

Thus Xxy.G^ Jx) is defined by a simple recursive definition from Gnj, which is 
in ^j^n-i Q -Sj+n by hypothesis, and is limited by a function in S^-y+„, namely 
Xxy.F-yjj-n{x + y ■ {p + 1) ), clearly defined by finite substitution from addition 
and F-y^n- It belongs therefore to 5^7+„. 

It remains to prove that for all 1 < n < fc, G„ j is in 3^^+„_i. We proceed by 
induction on n; for the case n — 1, Gij — f{x) +a; is defined by finite substitu- 
tion from / and addition, thus belongs to ^^ by hypothesis. For the induction 

step on n, Xx.G„+ij{x) = Aa:.G^"/^ (a; + 1) is defined by substitution from 

• addition, 

• Xx.Nn+i{x) — Xx.{n + 1) • {f{x) — 1), which is defined through cut-off 
subtraction (recall that f{x) > 1 for all x), /, and addition, and thus 
belongs to ^^ C 3^^+„, and from 



Xxy.G^^ f{x), which is by induction hypothesis and Eq. (31) in S^+n 



Thus Aa;.G„+i./(a;) belongs to d^y+n- CH 



A. 4 Proof of Proposition 6.3 



Proposition 6.3. Let j > be an ordinal and fc, r > 1 natural numbers. Then, 
for all t > 0, Ir^k.F.it) > i^;+fc_i(i)- 

Proof. Let us first show that for all fc > 1 

yt.£k,F,{t) > F^+k-iit) implies W > l,i.^^,f^(i) > i^;+fe_i(i) • (32) 

By induction on r; the base case for r — 1 holds by hypothesis, and the induction 
step holds by monotonicity of -Ry+fe-i. 
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It remains to prove £k,F (t) > F^+k-i{t) by induction over fc > 1. The base 
case is settled by £i^f (t) = F^{t) = F-y+i_i(i), and for the induction step, we 
have for all t > 0: 







F-,it) 




k+l,F^ 


(t) 


>KXl-iit) 


it) 



— p'(+k 
Finally, for all r > 1 and i > 0, 

r 
ir,k.F,{t)>Y.lk^F.,{oP-l{t) 

>E^UW 



> £ 



k,F-. 



it) 



>FL,_,it) 



(by monotonicity of £) 
(still by monotonicity of £) 



(by ind. hyp. and (32)) 
(by monotonicity of F^-^-k-i) 



(by monotonicity of £) 

(still by monotonicity of £) 
(by ( 32 1 and the previous argument) 

D 
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